March 15, 2012 at 7:57 pm #7434Don DonzalKeymaster
EH-Net is proud to add yet another new columnist this year. As an intro into his quarterly contributions, Jason Andress takes a look at how to build an infosec pro. In the coming months, look for more info on building a career with an emphasis on ethical hacking.
As always, let him know what you think and add your own stories to help others or even ask Jason at the entire EH-Net Community for help on your specific questions.
Permanent link: [Article]-Building Information Security Professionals
A commonly posed question, particularly among people looking to get into the information security field, is “how do I get into information security?” This is an excellent question, and one we can find answered in a variety of ways, although, perhaps, it is not really the right question to ask. A better question might be “what do I need to do to build myself into an information security professional?” The distinction between the two questions is narrow, but definitely present.
We might think of this as the difference between looking for a job and looking for a career. Career information security professionals are some of the most passionate, dedicated, and engaged people in all of the technology industry. We will often find such focused people burning the midnight oil on security research, projects, and conference presentations, not necessarily because they are being paid to do so, but because they have a burning interest in doing so.
So, that being said, let’s talk about how we build information security professionals.
May 3, 2012 at 5:23 pm #46442Travis M. FritzParticipant
Aspiring Infosec Professional, specifically Penetration Tester here.
Ideally those interested in InfoSec would try out several roles and see where they have the most interest.
I think a good way to identify what your area interested in or passionate about would be to study for a broad security certification like Security+ or CISSP. These certs cover allot of different aspects of security and should allow those that study for them to sink their teeth in a particular area or subject.
I personally like helping people. Penetration Testing seems to be a good place to help those that have vulnerabilities see them, equate them to business financials, and perhaps even point the IT staff in the right direction.
Another way to accomplish this would be to surf the webs using information security search terms. The problem is this could hinder user if they click on the wrong link or don’t know the right terms to search.
Possibly a more focused beginning would be to find a local group that holds information security in high regard and use them to broaden your infosec knowledge.
Any way you do it… I think the first step has to be finding which activities peak your interest. Then you can dive in and learn.
But wait there is more………
Jason mentioned in his column that that many focused people holding conference presentations. This is really where the rubber meets the road. If you are really excited about something help other become excited!
May 3, 2012 at 11:28 pm #46443MaXeParticipant
Not having read the article yet but only skimmed through it, it looks great and it’s nice to see content like this when the question “how to become * ” seems to come more and more often here at the Ethical Hacker Network, so great job Don and of course Jason too 🙂
May 4, 2012 at 3:04 pm #46444jasonParticipant
One way or the other, it amounts to jumping in, in some fashion. Journey of a thousand miles and all that…
May 4, 2012 at 3:06 pm #46445jasonParticipant
Oh and welcome to EH.net Travis. There are some really good/smart folks here, happy to have you join in.
- You must be logged in to reply to this topic.